VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,229 total · sorted by risk
  • CVE-2019-12646HigSep 25, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper…

  • CVE-2019-12633HigSep 5, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system. The vulnerability is due to improper validation of…

  • CVE-2019-12632HigSep 5, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on an affected system. The vulnerability exists because the affected system does not properly validate user-supplied…

  • CVE-2019-1968HigAug 30, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API.…

  • CVE-2019-1967HigAug 30, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affected…

  • CVE-2019-1908HigAug 21, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Intelligent Platform Management Interface (IPMI) implementation of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to view sensitive system information. The vulnerability is due to insufficient security…

  • CVE-2019-1900HigAug 21, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to cause the web server process to crash, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient…

  • CVE-2019-12634HigAug 21, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The…

  • CVE-2019-12627HigAug 21, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data. The vulnerability is due to insufficient application identification.…

  • CVE-2019-1957HigAug 8, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web interface of Cisco IoT Field Network Director could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of Transport…

  • CVE-2019-1955HigAug 8, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to incomplete input…

  • CVE-2019-1892HigJul 6, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a memory corruption on an affected device. The vulnerability is due to improper…

  • CVE-2019-1891HigJul 6, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests…

  • CVE-2019-1878HigJun 20, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Cisco Discovery Protocol (CDP) implementation for the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, adjacent attacker to inject arbitrary shell commands that are executed by the device. The…

  • CVE-2019-1868HigJun 5, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to access sensitive system information. The vulnerability is due to improper access control to files within the web-based management interface. An…

  • CVE-2019-1817HigMay 3, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of HTTP…

  • CVE-2019-1704HigMay 3, 2019
    risk 0.49cvss 7.5epss 0.02

    Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information…

  • CVE-2019-1696HigMay 3, 2019
    risk 0.49cvss 7.5epss 0.02

    Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information…

  • CVE-2019-1687HigMay 3, 2019
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service…

  • CVE-2019-1635HigMay 3, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of…

  • CVE-2019-1718HigApr 17, 2019
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the web interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of Secure Sockets Layer (SSL)…

  • CVE-2019-1752HigMar 28, 2019
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the ISDN functions of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect processing of specific values in the Q.931 information elements. An attacker…

  • CVE-2019-1741HigMar 28, 2019
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Cisco Encrypted Traffic Analytics (ETA) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a logic error that exists when handling a malformed incoming…

  • CVE-2019-1739HigMar 28, 2019
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to a parsing issue on DNS packets. An…

  • CVE-2019-1738HigMar 28, 2019
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to a parsing issue on DNS packets. An…

  • CVE-2019-1766HigMar 22, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability…

  • CVE-2019-1763HigMar 22, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition.…

  • CVE-2019-1716HigMar 22, 2019
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary…

  • CVE-2018-0389HigMar 13, 2019
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the implementation of Session Initiation Protocol (SIP) processing in Cisco Small Business SPA514G IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition.…

  • CVE-2019-1681HigFeb 21, 2019
    risk 0.49cvss 7.5epss 0.06

    A vulnerability in the TFTP service of Cisco Network Convergence System 1000 Series software could allow an unauthenticated, remote attacker to retrieve arbitrary files from the targeted device, possibly resulting in information disclosure. The vulnerability is due to improper…

  • CVE-2019-1675HigFeb 7, 2019
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the…

  • CVE-2019-1644HigJan 23, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the UDP protocol implementation for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to exhaust system resources, resulting in a denial of service (DoS) condition. The vulnerability is due to improper resource…

  • CVE-2018-7080HigDec 7, 2018
    risk 0.49cvss 7.5epss 0.01

    A vulnerability exists in the firmware of embedded BLE radios that are part of some Aruba Access points. An attacker who is able to exploit the vulnerability could install new, potentially malicious firmware into the AP's BLE radio and could then gain access to the AP's console…

  • CVE-2018-15448HigNov 8, 2018
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the user management functions of Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to discover sensitive user information. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability…

  • CVE-2018-0443HigOct 17, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to…

  • CVE-2018-0442HigOct 17, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential…

  • CVE-2018-0405HigOct 5, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to conduct a directory path traversal attack on a targeted…

  • CVE-2018-0404HigOct 5, 2018
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The attacker could retrieve…

  • CVE-2018-15391HigOct 5, 2018
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in certain IPv4 fragment-processing functions of Cisco Remote PHY Software could allow an unauthenticated, remote attacker to impact traffic passing through a device, potentially causing a denial of service (DoS) condition. The vulnerability is due to the…

  • CVE-2018-15383HigOct 5, 2018
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a temporary…

  • CVE-2018-0463HigOct 5, 2018
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Cisco Network Plug and Play server component of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to gain unauthorized access to configuration data that is stored on an affected NSO system. The vulnerability exists…

  • CVE-2018-0455HigOct 5, 2018
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Server Message Block Version 2 (SMBv2) and Version 3 (SMBv3) protocol implementation for the Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the device to run low on system memory, possibly preventing the device…

  • CVE-2018-0419HigAug 15, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in certain attachment detection mechanisms of Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of an affected system. The vulnerability is due to the improper detection of content within…

  • CVE-2018-0409HigAug 15, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service (CUCM IM&P) and the Cisco TelePresence Video Communication Server (VCS) and Expressway could allow an unauthenticated, remote attacker to cause a temporary service outage…

  • CVE-2018-0372HigJul 18, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause the device to run low on system memory, which could result in a Denial of Service (DoS)…

  • CVE-2018-0346HigJul 18, 2018
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Zero Touch Provisioning service of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect bounds checks for certain values in…

  • CVE-2018-0385HigJul 16, 2018
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The…

  • CVE-2018-0370HigJul 16, 2018
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory and thus slow down traffic processing. The vulnerability is due to improper handling of…

  • CVE-2018-0358HigJun 21, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the file descriptor handling of Cisco TelePresence Video Communication Server (VCS) Expressway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to exhaustion of file descriptors while…

  • CVE-2018-0311HigJun 21, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software…

Page 29 of 145